Q

Should I setup a VPN from inside our network to an outside server?

I have been asked to give some of our employees the ability to use the Microsoft VPN client (Win2000, PPTP) to access a remote customer's VPN server from inside our corporate network. I thought I had read somewhere that this is not a good idea, and at the moment our firewall is setup to not allow establishing a VPN from inside our network. Are there any precautions I should take before allowing this type of connection, or am I worrying...

about nothing?

Yes, you should be worried. This is not a standard practice in any secure network environment. No access should be granted through the firewall to connect to an outside vendor. Instead, you must create a separate DMZ outside your private/protected space that will allow access to the other company. Use a machine within your DMZ or another DMZ just for this purpose, terminal service into that device and then VPN.

This will protect your company and allow much greater control over the device in case of malicious code, hack attempts or data coming back from the other company.


For more info on this topic, please visit these SearchSecurity.com resources:
  • Best Web Links: VPN security
  • Expert Advice: VPNs and split tunneling
  • White paper: The Secret to Simplified Firewall and VPN Security

  • This was first published in September 2003

    Dig deeper on Secure Remote Access

    Pro+

    Features

    Enjoy the benefits of Pro+ membership, learn more and join.

    Have a question for an expert?

    Please add a title for your question

    Get answers from a TechTarget expert on whatever's puzzling you.

    You will be able to add details on the next page.

    0 comments

    Oldest 

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to:

    -ADS BY GOOGLE

    SearchCloudSecurity

    SearchNetworking

    SearchCIO

    SearchConsumerization

    SearchEnterpriseDesktop

    SearchCloudComputing

    ComputerWeekly

    Close